Cyber Operations Consultant - Incident Response
- Great opportunity to work with a leading Provider of Cyber Security Services in the region.
- Opportunity to learn and grow within a high performing team
- Seeking candidates with experience in Incident Response, log review, network forensics and familiarity with multiple operating system artefacts (Windows, MacOS, *Nix) is key.
- Willingness to travel up to 30-50%
My Client seeks Incident Response Consultants with strong technical skills and an eagerness to lead projects and work with their clients. Candidates will need to apply their forensics, log analysis, and malware triage skills to solve complex intrusion cases.
- Conduct host forensics, network, forensics, log analysis, and malware triage in support of incident response investigations.
- conduct large-scale investigations and examine endpoint and network-based sources of evidence.
- Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.
- Build scripts, tools, or methodologies to enhance internal incident investigation processes.
- Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
- Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Assist with scoping prospective engagements, participating in investigations from kickoff through remediation, and mentoring less experienced staff.
- Minimum 2-5 years of comparable experience
- Experience with either of these products SPLUNK, ELK , QRADAR, NITRO, etc.
- Technical expertise in at least three of the following areas:
- Windows disk and memory forensics
- Network Security Monitoring (NSM), network traffic analysis, and log analysis
- Unix or Linux disk and memory forensics
- Static and dynamic malware analysis
- Applied knowledge in at least one scripting or development language (such as Python)
- Thorough understanding of enterprise security controls in Active Directory / Windows environments
Please send your resume in WORD format by clicking the apply button below or contact Sathish Murugayah on +65 6701 1507 for a confidential discussion. Please note that only short-listed candidates will be contacted. CEI Reg. Number R1983762 (Sathish Murugayah).